lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Tue, 22 Sep 2009 19:32:01 -0300
From: Mailing lists at Core Security Technologies <lists@...esecurity.com>
To: nowhere@...null.com
Cc: bugtraq@...urityfocus.com
Subject: Re: [Full-disclosure] 3rd party patch for XP for MS09-048?

Aras "Russ" Memisyazici wrote:
> 
> How effective is what Tom Grace suggests? Unless I'm misunderstanding, he's
> suggesting switching to an iptables based protection along with a registry
> tweak... ahh the good ol' batch firewall :) Would this actually work as a
> viable work-around? I realize M$ stated this as such, but given their
> current reputation it's really hard to take their word for anything these
> days :P
> 
> What free/cheap client-level-IPS solutions block this current attack? Any
> suggestions?
> 
> Thank you for your time and look forward to some more answers.

Hi,

This _may_ work for you. It include a port to Windows of OpenBSD's PF
firewall which provides stateful filtering with packet scrubing for
inbound and outbound traffic.

http://force.coresecurity.com/index.php?module=base&page=about

*CAVEAT* This is an OLD project that is no longer maintained or
supported. If you use it, you will be on your own.

regards,

-ivan

Powered by blists - more mailing lists